Try Our New BETA Version
GO
Universal Access To All Knowledge
Home Donate | Store | Blog | FAQ | Jobs | Volunteer Positions | Contact | Bios | Forums | Projects | Terms, Privacy, & Copyright
Search: Advanced Search
Anonymous User (login or join us)
Upload
Search Results
Results: 1 through 50 of 201 (0.081 secs)
You searched for: subject:"defcon"
[1] 2 3 4 5     Next    Last
[audio]Defcon
How Close
Keywords: Defcon
Downloads: 49
[movies]Measuring the IQ of your Threat Intelligence feeds - Alex Pinto & Kyle Maxwell
Threat Intelligence feeds are now being touted as the saving grace for SIEM and log management deployments, and as a way to supercharge incident detection and even response practices. We have heard similar promises before as an industry, so it is only fair to try to investigate. Since the actual number of breaches and attacks worldwide is unknown, it is impossible to measure how good threat intelligence feeds really are, right? Enter a new scientific breakthrough developed over the last 300 year...
Keywords: defcon22; defcon; hackercons
Downloads: 6
[movies]Saving the Internet (for the Future) - Jay Healey
Saving the Internet (for the Future): Last year, the Dark Tangent wrote in the DC XXI program that the "balance has swung radically in favor of the offense, and defense seems futile." It has always been easier to attack than to defend on the Internet, even back to 1979 when it was written that "few if any security controls can stop a dedicated" red team. We all accept this as true but the community rarely ever looks at the longer term implications of what happens to the internet if one side has ...
Keywords: defcon22; defcon; hackercons
Downloads: 2
[movies]Check Your Fingerprints - Cloning the Strong Set - Richard Klafter (Free) & Eric Swanson (Lachesis)
The web of trust has grown steadily over the last 20 years and yet the tooling that supports it has remained stagnant despite staggering hardware advancement. Choices that seemed reasonable 20 years ago (32bit key ids or even 64bit key ids) are obsolete. Using modern GPUs, we have found collisions for every 32bit key id in the strong set, with matching signatures and key-sizes (e.g. RSA 2048). Although this does not break the encryption the web of trust is built on, it further erodes the usabili...
Keywords: defcon22; defcon; hackercons
Downloads: 7
[movies]Shellcodes for ARM - Your Pills Don't Work on Me x86 - Svetlana Gaivoronski & Ivan Petrov

Keywords: defcon22; defcon; hackercons
Downloads: 6
[movies]NSA Playset - PCIe - Joe FitzPatrick & Miles Crabill

Keywords: defcon22; defcon; hackercons
Downloads: 5
[movies]Home Insecurity - No alarms False alarms and SIGINT - Logan Lamb

Keywords: defcon22; defcon; hackercons
Downloads: 3
[movies]Destroying Education and Awareness Programs - David Kennedy

Keywords: defcon22; defcon; hackercons
Downloads: 4
[movies]DEF CON Comedy Jam Part VII - Is This The One With The Whales - Panel
Weeeeeeeeee're baaaaaack. Bring out your FAIL. It's the most talked about panel at DEF CON! A standing room only event with a wait list at the door. Nothing is sacred, not the industry, not the audience, not even each other. Last year we raised over $2000 for the EFF and over $5000 over the last 5 years, let's see how much we can raise this year.... David Mortman is the Chief Security Architect and Distinguished Engineer at Dell Enstratius and is a Contributing Analyst at Securosis...
Keywords: defcon22; defcon; hackercons
Downloads: 4
[movies]A Survey of Remote Automotive Attack Surfaces - Charlie Miller & Chris Valasek

Keywords: defcon22; defcon; hackercons
Downloads: 7
[movies]Manna from Heaven - Improving the state of wireless rogue AP attacks - Dominic White & Ian de Villiers
The current state of theoretical attacks against wireless networks should allow this wireless world to be fully subverted for all but some edge cases. Devices can be fooled into connecting to spoofed networks, authentication to wireless networks can either be cracked or intercepted, and our ability to capture credentials at a network level has long been established. Often, the most significant protection users have are hitting the right button on an error message they rarely understand...
Keywords: defcon22; defcon; hackercons
Downloads: 3
[movies]A journey to protect points of sale - Nir Valtman
Many point-of-sale breaches occurred in the past year and many organizations are still vulnerable against the simplest exploits. In this presentation, I explain about how points-of-sale get compromised from both retailer’s and software-vendor’s perspective. One of the most common threats is memory scraping, which is a difficult issue to solve. Hence, I would like to share with you a demonstration of how it works and what can be done in order to minimize this threat...
Keywords: defcon22; defcon; hackercons
Downloads: 2
[movies]Oracle Data Redaction is Broken - David Litchfield
The Oracle data redaction service is a new feature introduced with Oracle 12c. It allows sensitive data, such as PII, to be redacted or masked to prevent it being exposed to attackers. On paper this sounds like a great idea but in practice, Oracle's implementation is vulnerable to multiple attacks that allow an attacker to trivially bypass the masking and launch privilege escalation attacks. David Litchfield is a computer security researcher with a special interest in buffer overflow exploitatio...
Keywords: defcon22; defcon; hackercons
Downloads: 4
[movies]Learn how to control every room at a luxury hotel remotely - the dangers of insecure home automation deployment - Jesus Molina
Have you ever had the urge to create mayhem at a hotel? Force every hotel guest to watch your favorite TV show with you? Or wake your neighbors up (all 290 of them!) with blaring music and with their blinds up at 3 AM? For those with the urge, I have the perfect place for you. The St. Regis ShenZhen, a gorgeous luxury hotel occupying the top 28 floors of a 100 story skyscraper, offers guests a unique feature: a room remote control in the form of an IPAD2...
Keywords: defcon22; defcon; hackercons
Downloads: 6
[movies]Hacking US (and UK & Australia & France etc.) traffic control systems - Cesar Cerrudo

Keywords: defcon22; defcon; hackercons
Downloads: 2
[movies]Attacking the Internet of Things using Time - Paul McMillan
Internet of Things devices are often slow and resource constrained. This makes them the perfect target for network-based timing attacks, which allow an attacker to brute-force credentials one character at a time, rather than guessing the entire string at once. We will discuss how timing attacks work, how to optimize them, and how to handle the many factors which can prevent successful exploitation...
Keywords: defcon22; defcon; hackercons
Downloads: 7
[movies]The Open Crypto Audit Project - Kenneth White & Matthew Green
Join us for the story of the origins and history of the Open Crypto Audit Project (OCAP). OCAP is a community-driven global initiative which grew out of the first comprehensive public audit and cryptanalysis of the widely used encryption software TrueCrypt®. Our charter is to provide technical assistance to free and open source software projects in the public interest. We serve primarily as a coordinator for volunteers and as a funding mechanism for technical experts in security, software engin...
Keywords: defcon22; defcon; hackercons
Downloads: 5
[movies]Through the Looking - Glass and What Eve Found There - Luca (kaeso) Bruno & Mariano (emdel) Graziano
Traditionally, network operators have provided some kind of public read-only access to their current view of the BGP routing table, by the means of a "looking glass”. In this talk we inspect looking glass instances from a security point of view, showing many shortcomings and flaws which could let a malicious entity take control of critical devices connected to them. In particular, we will highlight how easy it is for a low-skilled attacker to gain access to core routers within multiple ISP inf...
Keywords: defcon22; defcon; hackercons
Downloads: 6
[movies]Elevator Hacking - From the Pit to the Penthouse - Deviant Ollam & Howard Payne
Throughout the history of hacker culture, elevators have played a key role.  From the mystique of students at MIT taking late-night rides upon car tops (don't do that, please!) to the work of modern pen testers who use elevators to bypass building security systems (it's easier than you think!) these devices are often misunderstood and their full range of features and abilities go unexplored.  This talk will be an in-depth explanation of how elevators work.....
Keywords: defcon22; defcon; hackercons
Downloads: 10
[movies]Open Source Fairy Dust - John Menerick
Over the past 30 years, the Internet and open source software have worked in tandem. The Internet has provided an environment for open source software to prosper. Some would say the Internet and open source software are indistinguishable. From low level cryptography to critical services, the Internet’s foundation is built upon open source building blocks. These blocks are crumbling. This presentation will tread through popular open source projects, common fallacies, peer into 0days, walk trend...
Keywords: defcon22; defcon; hackercons
Downloads: 4
[movies]Am I Being Spied On.. Low-tech Ways Of Detecting High-tech Surveillance - Dr. Phil Polstra

Keywords: defcon22; defcon; hackercons
Downloads: 10
[movies]Getting Windows to Play with Itself - A Hacker's Guide to Windows API Abuse - Brady Bloxham
Windows APIs are often a blackbox with poor documentation, taking input and spewing output with little visibility on what actually happens in the background. By analyzing (and abusing) the underlying functionality of these seemingly benign APIs, we can effectively manipulate Windows into performing stealthy custom attacks bypassing the latest in protective defenses. In this talk, we’ll get Windows to play with itself nonstop while revealing 0day persistence, previously unknown DLL injection te...
Keywords: defcon22; defcon; hackercons
Downloads: 4
[movies]NinjaTV - Increasing Your Smart TVs IQ Without Bricking It - Felix Leder
Smart TVs are growing in popularity. Set-top boxes like Apple TV, Roku, or WD TV can make your “normal” TV "smart" and Smart TVs even smarter. Despite their functionality, they’re often missing interesting features, like bit-torrent, VPN and even specific TV channels. This presentation is about how to hack into WD TV set-top boxes and how to add experimental functionality without the risk of bricking it...
Keywords: defcon22; defcon; hackercons
Downloads: 5
[movies]USB for all! - Jesse Michael & Mickey Shkatov
USB is used in almost every computing device produced in recent years. In addition to well-known usages like keyboard, mouse, and mass storage, a much wider range of capabilities exist such as Device Firmware Update, USB On-The-Go, debug over USB, and more. What actually happens on the wire? Is there interesting data we can observe or inject into these operations that we can take advantage of? In this talk, we will present an overview of USB and its corresponding attack surface...
Keywords: defcon22; defcon; hackercons
Downloads: 3
[movies]Meddle - Framework for piggy - back fuzzing and tool development - Geoff McDonald

Keywords: defcon22; defcon; hackercons
Downloads: 3
[movies]Cyberhijacking Airplanes - Truth or Fiction - Dr. Phil Polstra & Captain Polly
There have been several people making bold claims about the ability to remotely hack into aircraft and hijack them from afar. This talk will take a systematic look at the mechanisms others are claiming would permit such cyberhijacking. Each of the most popular techniques will be examined mythbuster style. Along the way several important aircraft technologies will be examined in detail. Attendees will leave with a better understanding of ADS-B, ADS-A, ACARS, GPS, transponders, collision avoidance...
Keywords: defcon22; defcon; hackercons
Downloads: 7
[movies]Extreme Privilege Escalation On Windows 8 UEFI Systems - Corey Kallenberg & Xeno Kovah

Keywords: defcon22; defcon; hackercons
Downloads: 8
[movies]How To Get Phone Companies To Just Say No To Wiretapping - Phil Zimmermann
Phil is going to talk about his latest projects, which are helping several mobile carriers to provide their customers with wiretap-free phone services.  These carriers are breaking ranks with the rest of their industry's century-long culture of wiretapping.  When you can get actual phone companies to join in the struggle, you know change is afoot.  And yes, Navy SEALS are involved. Phil Zimmermann is the creator of both PGP, the most widely used email encryption software in the world, and the...
Keywords: defcon22; defcon; hackercons
Downloads: 2
[movies]Weird - Machine Motivated Practical Page Table Shellcode & Finding Out What's Running on Your System - Shane Macaulay

Keywords: defcon22; defcon; hackercons
Downloads: 8
[movies]From Raxacoricofallapatorius With Love - Case Studies In Insider Threats - Tess Schrodinger

Keywords: defcon22; defcon; hackercons
Downloads: 5
[movies]Closing Ceremonies - Panel

Keywords: defcon22; defcon; hackercons
Downloads: 5
[movies]The Monkey in the Middle - A pentesters guide to playing in traffic - Anch
Prank your friends, collect session information and passwords, edit traffic as it goes by.. become the Monkey(man)-In-The-Middle and do it all… This presentation will teach you a penetration testers view of man in the middle (MITM) attacks. It will introduce the tools, techniques and methods to get traffic to your hosts. Demonstrations of the tools and methods involved will be presented. Come learn new and interesting ways to prank your friends, experience the all porn internet (redux), learn...
Keywords: defcon22; defcon; hackercons
Downloads: 17
[movies]Playing with Car Firmware or How to Brick your Car - Paul Such 0x222 & Agix
A lot of papers have already been done/produced on hacking cars through ODB2/CanBus. Looking at the car firmware could also be something really fun :) How to access the firmware, hidden menus & functionalities, hardcoded SSID, users and passwords (yes, you read right), are some of the subjects we will cover during this short presentation. Paul Such 0x222 is a security engineer and the founder of SCRT, a Swiss company specialized in ethical hacking / penetration test and digital forensic since 20...
Keywords: defcon22; defcon; hackercons
Downloads: 2
[movies]Abuse of Blind Automation in Security Tools - Eric (XlogicX) Davisson & Ruben Alejandro (chap0)
It is impossibly overwhelming for security personnel to manually analyze all of the data that comes to them in a meaningful way. Intelligent scripting and automation is key. This talk aims to be a humorous reminder of why the word “intelligent” really matters; your security devices might start doing some stupid things when we feed them. This talk is about abusing signature detection systems and confusing or saturating the tool or analyst...
Keywords: defcon22; defcon; hackercons
Downloads: 4
[movies]Impostor - Polluting Tor Metadata - Charlie Vedaa & Mike Larsen
Just using Tor can bring the cops to your door. While the security community was busy scolding the Harvard bomb threat kid for his poor OPSEC, this ugly revelation was largely ignored. Malware authors are doing their part to remedy the situation; by adding thousands of infected hosts to the Tor network, they're making Tor traffic more common, and making dragnet investigation techniques less viable...
Keywords: defcon22; defcon; hackercons
Downloads: 3
[movies]How to you Feel about your Mother.. Psych and The SE - Michele Fincher

Keywords: defcon22; defcon; hackercons
Downloads: 7
[movies]Dropping Docs on Darknets - How People Got Caught - Adrian Crenshaw

Keywords: defcon22; defcon; hackercons
Downloads: 3
[movies]Acquire current user hashes without admin privileges - Anton Sapozhnikov
If an attacker has only user level access to an infected machine inside corporate internal network, that means he or she has quite a limited number of ways to get the password of that user. Already known techniques require additional network access or great amount of luck. Having no access to internal network and absence of admin privileges is a common case during spear phishing attacks and social engineering activities...
Keywords: defcon22; defcon; hackercons
Downloads: 8
[movies]The Secret Life of Krbtgt - Christopher Campbell
A tale of peril and woe, Krbtgt is the domain account that you just can't quit. Quiet and harmless, it has been with your enterprise since you first installed Active Directory. Although disabled, it has witnessed years of poor configurations, remote code execution vulnerabilities and bad administrator passwords. Come hear Krbtgt's story and see why its days should be numbered. If you don't laugh, you'll cry...
Keywords: defcon22; defcon; hackercons
Downloads: 3
[movies]The Cavalry Year(0) & a Path Forward for Public Safety - Joshua Corman & Nicholas J Percoco
At DEF CON 21, The Cavalry was born. In the face of clear & present threats to "Body, Mind & Soul" it was clear: The Cavalry Isn't Coming... it falls to us... the willing & able... and we have to try to have impact. Over the past year, the initiative reduced its focus and increased its momentum. With a focus on public safety & human life we did our best "Collecting, Connecting, Collaborating" to ensure the safer technology dependence in: Medical, Automotive, Home Electronics & Public Infrastruct...
Keywords: defcon22; defcon; hackercons
Downloads: 2
[movies]Detecting and Defending Against a Surveillance State - Robert Rowley
This talk is based on semi-recent reported leaks that detail how state-actors could be engaging in surveillance against people they deem as 'threats'. I will cover the basics on what was leaked, and focus the talk on how to detect hardware bugs, implanted radio transceivers, firmware injections, cellular network monitoring, etc... No need to bring your tin-foil hats though, the discussion here is a pragmatical approach to how to detect such threats and identify if you have been targeted...
Keywords: defcon22; defcon; hackercons
Downloads: 9
[movies]Generating ROP payloads from numbers - Alexandre Moneger
Is it possible to generate a ROP payload whilst using as few gadgets from the target binary as possible? Is it also possible to build any shellcode in memory regardless of the opcodes in the target binary? An approach to this is to build the ROP payload by summing selected pieces of memory together and copying them to a stack in the process address space. A method and tool will be presented, which allows to stitch together selected numbers found in memory into a payload and execute it...
Keywords: defcon22; defcon; hackercons
Downloads: 3
[movies]Summary of Attacks Against BIOS and Secure Boot - Yuriy Bulygin & Oleksandr Bazhaniuk & Andrew Furtak & John Loucaides
A variety of attacks targeting platform firmware have been discussed publicly, drawing attention to the pre-boot and firmware components of the platform such as secure boot, OS loaders, and SMM. Windows 8 Secure Boot provides an important protection against bootkits by enforcing a signature check on each boot component. This talk will detail and organize some of the attacks and how they work. We will demonstrate a full software bypass of secure boot...
Keywords: defcon22; defcon; hackercons
Downloads: 5
[movies]Home Alone with localhost - Automating Home Defense - Chris Littlebury
Home automation is everywhere, and so are their exploits. This presentation will go over a brief history of home automation techniques, cover modern technologies used today, detail some of the current exploits used against modern automation and security systems, and give examples on how to defend against them. You'll be provided with the knowledge necessary to build your own home-Skynet system- complete with passive and active defenses against physical and wireless attacks...
Keywords: defcon22; defcon; hackercons
Downloads: 6
[movies]The Internet of Fails - Where IoT Has Gone Wrong and How We're Making It Right - Mark Stanislav & Zach Lanier

Keywords: defcon22; defcon; hackercons
Downloads: 2
[movies]Is This Your Pipe.. Hijacking the Build Pipeline - Kyle Kelley & Greg Anderson

Keywords: defcon22; defcon; hackercons
Downloads: 2
[movies]How to Disclose an Exploit Without Getting in Trouble - Jim Denaro & Tod Beardsley
You have identified a vulnerability and may have developed an exploit. What should you do with it? You might consider going to the vendor, blogging about it, or selling it. There are risks in each of these options. This session will cover the risks to security researchers involved in publishing or selling information that details the operation of hacks, exploits, vulnerabilities and other techniques...
Keywords: defcon22; defcon; hackercons
Downloads: 8
[movies]NSA Playset - GSM Sniffing - Pierce & Loki

Keywords: defcon22; defcon; hackercons
Downloads: 10
[movies]Domain Name Problems and Solutions - Paul Vixie
Spammers can't use dotted quads or any other literal IP address, since SpamAssassin won't let it through, since it looks too much like spam. So, spammers need cheap and plentiful -- dare we say 'too cheap to meter'? -- domain names. The DNS industry is only too happy to provide these domain names, cheaply and at massive scale. The end result is that 90% of all domain names are crap, with more on the way...
Keywords: defcon22; defcon; hackercons
Downloads: 1
[movies]I am a legend - Hacking Hearthstone with machine learning - Elie Bursztein & Celine Bursztein
Want to become a legend at Hearthstone -- Blizzard's new blockbuster collecting card game -- or simply learn how to play better? Then pull up a chair by the hearth and join us for a talk about Hearthstone mechanics and how to improve your chance of winning using machine learning and data mining. This talk is packed with examples that show how to use the tools that we are releasing at Defcon. First, we will show you how to uncover the most undervalued cards by building a pricing model reflecting ...
Keywords: defcon22; defcon; hackercons
Downloads: 3
[1] 2 3 4 5     Next    Last
Advanced search

Group results by:

> Relevance
Mediatype
Collection

Related mediatypes

movies
audio

Terms of Use (31 Dec 2014)